similar to: [PATCH] Use credentials and permissions on control socket where available

Displaying 20 results from an estimated 100 matches similar to: "[PATCH] Use credentials and permissions on control socket where available"

2007 Oct 18
0
[PATCH] Use a control socket directory to restrict access
This approach is more complex than I'd like, but it works even on Solaris, which has neither credential passing nor permissions on the socket itself. --- src/control.c | 82 +++++++++++++++++++++++++++++++++++++++----------- src/control_common.h | 1 + src/tincctl.c | 67 +++++++++++++++++++++++++++++++++-------- src/tincd.c | 2 +- 4 files changed, 120
2007 Jul 21
2
tincctl patches
(Second try to send this. I wonder if the first one gotten eaten by a spam filter; I'll link to patches instead of attaching them.) Here are the tincctl patches I've been working on. They apply to http://www.tinc-vpn.org/svn/tinc/branches/1.1@1545. I intend to commit them once the crypto stuff's fixed. Since they're basically done, I'm emailing them now for review and in case
2005 Jul 06
0
[PATCH] Simplify Kerberos credentials cache code
The attached patch removes the duplicated credentials cache generation code in auth-krb5.c and gss-serv-krb5.c, by turning it into a procedure which is then called by both sections of code. It's against the latest portable CVS tree. Cheers, Simon. -------------- next part -------------- Index: auth-krb5.c =================================================================== RCS file:
2020 Sep 25
0
[RFC PATCH 01/19] tools/virtiofsd: add support for --socket-group
If you like running QEMU as a normal user (very common for TCG runs) but you have to run virtiofsd as a root user you run into connection problems. Adding support for an optional --socket-group allows the users to keep using the command line. Signed-off-by: Alex Benn?e <alex.bennee at linaro.org> Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com> --- v1 - tweak documentation and
2007 Aug 03
1
race condition with ControlMaster=auto
There is a race in the setup of the ControlMaster socket in auto mode, as illustrated by the following command line: ssh -oControlMaster=auto -oControlPath=sock localhost 'sleep 1; echo 1' & ssh -oControlMaster=auto -oControlPath=sock localhost 'sleep 2; echo 2' & Both of the commands will try to start up as a control client, find that sock does not exist, and switch into
2003 Nov 17
1
rsync --daemon and logfile that can't be created
If the rsyncd.conf has a line such as: log file = /var/log/rsync/log and /var/log/rsync doesn't exist or isn't a directory (or the log file can't be opened for any other reason), then there's no warning whatsoever, as rsync forks itself into the background before checking the config, opening the log file, etc. Worse still, it gets a SIGSEGV, and dumps core. Here's a strace
2006 Feb 10
0
OpenSSH ControlAllowUsers, et al Patch
Attached (and inline) is a patch to add the following config options: ControlBindMask ControlAllowUsers ControlAllowGroups ControlDenyUsers ControlDenyGroups It pulls the peer credential check from client_process_control() in ssh.c, and expounds upon it in a new function, client_control_grant(). Supplemental groups are not checked in this patch. I didn't feel comfortable taking a shot
2008 Dec 04
0
[patch] muxserver_listen() doesn't restore umask when bind fails
Cheers, - Salva $ diff -c mux.c~ mux.c *** mux.c~ 2008-06-14 01:01:54.000000000 +0200 --- mux.c 2008-12-04 12:24:45.000000000 +0100 *************** *** 148,153 **** --- 148,154 ---- error("ControlSocket %s already exists, " "disabling multiplexing", options.control_path); close(muxserver_sock); + umask(old_umask);
2010 Jan 14
1
ssh(1) multiplexing rewrite
Hi, At the n2k10 OpenBSD network hackathon, I finally got some time to clean up and rewrite the ssh(1) client multiplexing code. The attached diffs (one for portable OpenSSH, one for OpenBSD) are the result, and they need some testing. The revised multiplexing code uses a better protocol between the master and slave processes and I even bothered to write it up :) It tracks the control sockets
2013 Oct 25
2
[PATCH] support SO_REUSEPORT on new listeners (:reuseport)
This allows users to start an independent instance of unicorn on a the same port as a running unicorn (as long as both instances use :reuseport). ref: https://lwn.net/Articles/542629/ --- lib/unicorn/configurator.rb | 19 +++++++++++++++++++ lib/unicorn/socket_helper.rb | 30 ++++++++++++++++++++++-------- test/unit/test_socket_helper.rb | 8 ++++++++ 3 files changed, 49 insertions(+), 8
2017 Sep 28
0
tinc: fix parsing of -b flag
Only the short -b option is missing, --batch works as expected. - todd diff --git a/src/tincctl.c b/src/tincctl.c index 9eb9a1b..766b769 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -168,7 +168,7 @@ static bool parse_options(int argc, char **argv) { int r; int option_index = 0; - while((r = getopt_long(argc, argv, "+c:n:", long_options, &option_index)) != EOF) { +
2012 Dec 28
4
tincctl localhost timeout
First off, thanks to all who have made tinc possible and continue to work developing it. I hope perhaps in time I can become a useful part of this community. :) I'm having an interesting issue with tincctl and was hoping someone could shed some light on it. Everything seems to work correctly when I build for OSX; however on linux and windows builds, I always receive connection
2012 Dec 06
1
tinc1.1pre4 tincctl restart
I cant restart my tincd with 'tincctl restart -n $NETNAME' I get the message: 'Could not restart tinc daemon' It works with 'tincctl stop -n NETNAME && tincctl start -n NETNAME' but sometimes the /var/run/tinc.$NETNAME.pid file is missing so I need to kill tinc manually
2018 Dec 18
0
subnet flooded with lots of ADD_EDGE request
On Tue, Dec 11, 2018 at 02:36:18PM +0800, Amit Lianson wrote: > We're suffering from sporadic network blockage(read: unable to ping > other nodes) with 1.1-pre17. Before upgrading to the 1.1-pre release, > the same network blockage also manifested itself in a pure 1.0.33 > network. > > The log shows that there are a lot of "Got ADD_EDGE from nodeX >
2017 Sep 13
2
purge doesn't remove dead nodes
> > Maybe I should allow the reachable keyword for the dump graph command as > well, so you can do: > > tincctl -n <netname> dump reachable graph > > ...and not see any nodes which are unreachable. Is that what you want? This would help since dead nodes do not clutter the visual representation. What are the effects, if any, of dead nodes in the hosts/ dir? Thanks
2017 Dec 22
2
Re: [BUG] Not exiting media forced a promptly close of libvirt 3.10
Hi Daniel, sorry. Here the requested stack trace. Best regards Holger ===================================================================================== Thread 18 (Thread 0x7f0d495e0700 (LWP 10742)): #0  0x00007f0d55e690bf in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 No symbol table info available. #1  0x00007f0d5892176a in virCondWait (c=c@entry=0x5557f238db28,
2013 Jan 20
0
[Announcement] Tinc version 1.1pre5 released
With pleasure we announce the release of tinc version 1.1pre5. Here is a summary of the changes: * Fixed long delays and possible hangs on Windows. * Fixed support for the tunemu device on iOS, the UML and VDE devices. * Small improvements to the documentation and error messages. * Fixed broadcast packets not reaching the whole VPN. * Tincctl now connects via a UNIX socket to the tincd
2013 Jan 20
0
[Announcement] Tinc version 1.1pre5 released
With pleasure we announce the release of tinc version 1.1pre5. Here is a summary of the changes: * Fixed long delays and possible hangs on Windows. * Fixed support for the tunemu device on iOS, the UML and VDE devices. * Small improvements to the documentation and error messages. * Fixed broadcast packets not reaching the whole VPN. * Tincctl now connects via a UNIX socket to the tincd
2011 Jun 25
0
[Announcement] Version 1.1pre1 released
With pleasure we announce the release of version 1.1pre1. Here is a summary of the changes: * Control interface allows control of a running tinc daemon. Used by: * tincctl, a commandline utility * tinc-gui, a preliminary GUI implemented in Python/wxWidgets * Code cleanups and reorganization. * Repleacable cryptography backend, currently supports OpenSSL and libgcrypt. * Use libevent
2011 Jun 25
0
[Announcement] Version 1.1pre1 released
With pleasure we announce the release of version 1.1pre1. Here is a summary of the changes: * Control interface allows control of a running tinc daemon. Used by: * tincctl, a commandline utility * tinc-gui, a preliminary GUI implemented in Python/wxWidgets * Code cleanups and reorganization. * Repleacable cryptography backend, currently supports OpenSSL and libgcrypt. * Use libevent